Vigil@nce: OpenSSL, disclosure of J-PAKE secret
December 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
When a server uses the J-PAKE implementation of OpenSSL, a remote
attacker can obtain the shared secret.
– Severity: 1/4
– Creation date: 03/12/2010
DESCRIPTION OF THE VULNERABILITY
The J-PAKE (Password Authenticated Key Exchange by Juggling)
protocol is used to create a private communication, from a shared
secret. OpenSSL implements an experimental version of J-PAKE.
However, this implementation does not check if public parameters
are sufficiently complex. An attacker can then derivate the
session key.
When a server uses the J-PAKE implementation of OpenSSL, a remote
attacker can therefore obtain the shared secret.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/OpenSSL-disclosure-of-J-PAKE-secret-10174